loncom/interface/resetpw.pm - diff

Return to resetpw.pm CVS log

Up to [LON-CAPA] / loncom / interface

Diff for /loncom/interface/resetpw.pm between versions 1.21 and 1.28

version 1.21, 2009/10/08 22:59:18	version 1.28, 2012/10/02 18:08:12
Line 31	Line 31

=head1 NAME	=head1 NAME

Apache::resetpw - pile of common routines	Apache::resetpw: reset user password.

=head1 SYNOPSIS	=head1 SYNOPSIS

Line 43 described at http://www.lon-capa.org.	Line 43 described at http://www.lon-capa.org.
=head1 OVERVIEW	=head1 OVERVIEW

A user with an e-mail address associated with his/her LON-CAPA username	A user with an e-mail address associated with his/her LON-CAPA username
can reset a forgotten password, using a link sent to the e-mail address	can reset a forgotten password, using a link sent to the e-mail address
if the authentication type for the account is "internal".	if the authentication type for the account is "internal".
account is "internal".

=cut	=cut

Line 67 sub handler {	Line 66 sub handler {
return OK;	return OK;
}	}
my $contact_name = &mt('LON-CAPA helpdesk');	my $contact_name = &mt('LON-CAPA helpdesk');
my $contact_email = $r->dir_config('lonSupportEMail');	my $origmail = $r->dir_config('lonSupportEMail');
my $server = $r->dir_config('lonHostID');	my $server = $r->dir_config('lonHostID');
my $defdom = &Apache::lonnet::default_login_domain();	my $defdom = &Apache::lonnet::default_login_domain();
	my $contacts =
	&Apache::loncommon::build_recipient_list(undef,'helpdeskmail',
	$defdom,$origmail);
	my ($contact_email) = split(',',$contacts);
	my $handle = &Apache::lonnet::check_for_valid_session($r);
	my $lonidsdir=$r->dir_config('lonIDsDir');
	if ($handle ne '') {
	if ($handle=~/^publicuser\_/) {
	unlink($r->dir_config('lonIDsDir')."/$handle.id");
	} else {
	&Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
	}
	}
&Apache::lonacc::get_posted_cgi($r);	&Apache::lonacc::get_posted_cgi($r);
&Apache::lonlocal::get_language_handle($r);	&Apache::lonlocal::get_language_handle($r);
&Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['token']);	&Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['token']);
Line 78 sub handler {	Line 90 sub handler {
my $uname = &unescape($env{'form.uname'});	my $uname = &unescape($env{'form.uname'});
my $udom = $env{'form.udom'};	my $udom = $env{'form.udom'};
my $token = $env{'form.token'};	my $token = $env{'form.token'};
my $start_page =	my $brcrum = [];
&Apache::loncommon::start_page('Reset password','',	my $bread_crumbs_component = 'Forgotten Password';
{	if ($token) {
'no_inline_link' => 1,});	push (@{$brcrum},
$r->print($start_page);	{href => '/adm/resetpw',
	text => 'Update Password'});

	$bread_crumbs_component = 'Reset Password';
	} else {
	push (@{$brcrum},
	{href => '/adm/resetpw',
	text => 'Account Information'});
	if ($uname && $udom) {
	push (@{$brcrum},
	{href => '/adm/resetpw',
	text => 'Result'});
	}
	}
	my $args = {bread_crumbs => $brcrum,
	bread_crumbs_component => $bread_crumbs_component};
	$r->print(&Apache::loncommon::start_page('Reset password','',$args));
$r->print('<h3>'.&mt('Reset forgotten LON-CAPA password').'</h3>');	$r->print('<h3>'.&mt('Reset forgotten LON-CAPA password').'</h3>');
my $output;	my $output;
if ($token) {	if ($token) {
Line 154 sub get_uname {	Line 182 sub get_uname {
uemail => 'E-mail address in LON-CAPA',	uemail => 'E-mail address in LON-CAPA',
proc => 'Proceed');	proc => 'Proceed');

my $msg = &mt('If you use the same account for other campus services besides LON-CAPA, (e.g., e-mail, course registration, etc.), a separate centrally managed mechanism likely exists to reset a password. However, if your account is used for just LON-CAPA access you will probably be able to reset a password from this page.');	my $msg = &mt('If you use the same account for other campus services besides LON-CAPA, (e.g., e-mail, course registration, etc.), a separate centrally managed mechanism likely exists to reset a password. However, if your account is used for just LON-CAPA access you will probably be able to reset a password from this page.');
$msg .= '<br /><br />'.&mt('Three conditions must be met:')	$msg .= '<br /><br />'.&mt('Three conditions must be met:')
.'<ul><li>'.&mt('An e-mail address must have previously been associated with your LON-CAPA username.').'</li>'	.'<ul><li>'.&mt('An e-mail address must have previously been associated with your LON-CAPA username.').'</li>'
.'<li>'.&mt('You must be able to access e-mail sent to that address.').'</li>'	.'<li>'.&mt('You must be able to access e-mail sent to that address.').'</li>'
.'<li>'.&mt('Your LON-CAPA account must be of a type for which LON-CAPA can reset a password.')	.'<li>'.&mt('Your LON-CAPA account must be of a type for which LON-CAPA can reset a password.')
.'</ul>';	.'</ul>';
$msg .= qq\|	$msg .= '<form name="forgotpw" method="post" action="/adm/resetpw">'.
<form name="forgotpw" method="post">	&Apache::lonhtmlcommon::start_pick_box().
<table>	&Apache::lonhtmlcommon::row_title('LON-CAPA '.$lt{'unam'}).
<tr><td>	'<input type="text" name="uname" size="20" />'.
<tr><td align="left">LON-CAPA $lt{'unam'}: </td>	&Apache::lonhtmlcommon::row_closure(1).
<td><input type="text" name="uname" size="15" /></td></tr>	&Apache::lonhtmlcommon::row_title('LON-CAPA '.$lt{'udom'}).
<tr><td align="left">LON-CAPA $lt{'udom'}: </td>	&Apache::loncommon::select_dom_form($defdom,'udom').
<td>\|;	&Apache::lonhtmlcommon::row_closure(1).
$msg .= &Apache::loncommon::select_dom_form($defdom,'udom');	&Apache::lonhtmlcommon::row_title($lt{'uemail'}).
$msg .= qq\|</td></tr>	'<input type="text" name="useremail" size="30" />'.
<tr><td align="left">$lt{'uemail'}: </td>	&Apache::lonhtmlcommon::end_pick_box().
<td><input type="text" name="useremail" size="30" /></td></tr>	'<br /><br /><input type="submit" name="resetter" value="'.$lt{'proc'}.'" /></form>';
<tr><td colspan="2" align="left"><br />
<input type="submit" value="$lt{'proc'}" /></td></tr>
</table>
</form>
\|;
return $msg;	return $msg;
}	}

Line 199 sub send_token {	Line 222 sub send_token {
my $esc_token = &escape($token);	my $esc_token = &escape($token);
my $showtime = &Apache::lonlocal::locallocaltime(time);	my $showtime = &Apache::lonlocal::locallocaltime(time);
my $reseturl = &Apache::lonnet::absolute_url().'/adm/resetpw?token='.$esc_token;	my $reseturl = &Apache::lonnet::absolute_url().'/adm/resetpw?token='.$esc_token;
my $mailmsg = &mt('A request was submitted on [_1] for reset of the password for your LON-CAPA account.',$showtime).' '.&mt('To complete this process please open a web browser and enter the following URL in the address/location box: [_1]',$reseturl);	my $mailmsg = &mt('A request was submitted on [_1] for reset of the password for your LON-CAPA account.',$showtime)." \n".&mt('To complete this process please open a web browser and enter the following URL in the address/location box: [_1]',"\n\n".$reseturl);
my $result = &send_mail($domdesc,$email,$mailmsg,$contact_name,	my $result = &send_mail($domdesc,$email,$mailmsg,$contact_name,
$contact_email);	$contact_email);
if ($result eq 'ok') {	if ($result eq 'ok') {
$msg .= &mt("An e-mail sent to the e-mail address associated with your LON-CAPA account includes the web address for the link you should use to complete the reset process.<br /><br />The link included in the message will be valid for the next <b>two</b> hours.");	$msg .= &mt("An e-mail sent to the e-mail address associated with your LON-CAPA account includes the web address for the link you should use to complete the reset process.<br /><br />The link included in the message will be valid for the next <b>two</b> hours.");
} else {	} else {
$msg .= &mt("An error occurred when sending a message to the e-mail address associated with your LON-CAPA account. Please contact the [_1] ([_2]) for assistance.",$contact_name,$contact_email);	$msg .=
	'<p class="LC_warning">'
	.&mt("An error occurred when sending a message to the e-mail address"
	." associated with your LON-CAPA account."
	." Please contact the [_1] ([_2]) for assistance."
	,$contact_name,$contact_email)
	.'</p>';
}	}
} else {	} else {
$msg .= &mt("An error occurred creating a token required for the password reset process. Please contact the [_1] ([_2]) for assistance.",$contact_name,$contact_email);	$msg .=
	'<p class="LC_warning">'
	.&mt("An error occurred creating a token required for the"
	." password reset process."
	." Please contact the [_1] ([_2]) for assistance."
	,$contact_name,$contact_email)
	.'</p>';
}	}
return $msg;	return $msg;
}	}
Line 219 sub send_mail {	Line 254 sub send_mail {
my $requestmail = "To: $email\n".	my $requestmail = "To: $email\n".
"From: $contact_name <$contact_email>\n".	"From: $contact_name <$contact_email>\n".
"Subject: ".&mt('Your LON-CAPA account')."\n".	"Subject: ".&mt('Your LON-CAPA account')."\n".
	"Content-type: text/plain\;charset=UTF-8\n".
"\n\n".$mailmsg."\n\n".	"\n\n".$mailmsg."\n\n".
&mt('[_1] LON-CAPA support team',$domdesc)."\n".	&mt('[_1] LON-CAPA support team',$domdesc)."\n".
"$contact_email\n";	"$contact_email\n";
Line 236 sub invalid_state {	Line 272 sub invalid_state {
my ($error,$domdesc,$contact_name,$contact_email) = @_;	my ($error,$domdesc,$contact_name,$contact_email) = @_;
my $msg;	my $msg;
if ($error eq 'invalid') {	if ($error eq 'invalid') {
$msg = &mt('The username you provided was not verified as a valid username in the LON-CAPA system for the [_1] domain.',$domdesc)	$msg = '<p class="LC_warning">'.&mt('The username you provided was not verified as a valid username in the LON-CAPA system for the [_1] domain.',$domdesc)
.' '.&mt('Please [_1]go back[_2] and try again.','<a href="javascript:history.go(-1)"><u>','</u></a>');	.'</p>'.&mt('Please [_1]go back[_2] and try again.','<a href="javascript:history.go(-1)"><u>','</u></a>');
} else {	} else {
if ($error eq 'baduseremail') {	if ($error eq 'baduseremail') {
$msg = &mt('The e-mail address you provided does not appear to be a valid address.');	$msg = &mt('The e-mail address you provided does not appear to be a valid address.');
Line 248 sub invalid_state {	Line 284 sub invalid_state {
} elsif ($error eq 'authentication') {	} elsif ($error eq 'authentication') {
$msg = &mt('The username you provided uses an authentication type which can not be reset directly via LON-CAPA.');	$msg = &mt('The username you provided uses an authentication type which can not be reset directly via LON-CAPA.');
}	}
	$msg = '<p class="LC_warning">'.$msg.'</p>';
if ($contact_email ne '') {	if ($contact_email ne '') {
my $escuri = &HTML::Entities::encode('/adm/resetpw','&<>"');	my $escuri = &HTML::Entities::encode('/adm/resetpw','&<>"');
$msg .= '<br /> '.&mt('You may wish to contact the [_1]LON-CAPA helpdesk[_2] for the [_3] domain.'	$msg .= '<br /> '.&mt('You may wish to contact the [_1]LON-CAPA helpdesk[_2] for the [_3] domain.'
Line 277 sub reset_passwd {	Line 314 sub reset_passwd {
my $reqtime = &Apache::lonlocal::locallocaltime($data{'time'});	my $reqtime = &Apache::lonlocal::locallocaltime($data{'time'});
if ($now - $data{'time'} < 7200) {	if ($now - $data{'time'} < 7200) {
if ($env{'form.action'} eq 'verify_and_change_pass') {	if ($env{'form.action'} eq 'verify_and_change_pass') {
	unless (($env{'form.uname'} eq $data{'username'}) && ($env{'form.udom'} eq $data{'domain'}) && ($env{'form.email'} eq $data{'email'})) {
	$msg = &generic_failure_msg($contact_name,$contact_email);
	return $msg;
	}
my $change_failed =	my $change_failed =
&Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token);	&Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token);
if (!$change_failed) {	if (!$change_failed) {
Line 288 sub reset_passwd {	Line 329 sub reset_passwd {
my $result = &send_mail($domdesc,$data{'email'},$mailmsg,	my $result = &send_mail($domdesc,$data{'email'},$mailmsg,
$contact_name,$contact_email);	$contact_name,$contact_email);
if ($result eq 'ok') {	if ($result eq 'ok') {
$msg .= &mt('An e-mail confirming setting of the password for your LON-CAPA account has been sent to [_1].',$data{'email'});	$msg .=
	'<p class="LC_success">'
	.&mt('An e-mail confirming setting of the password'
	.' for your LON-CAPA account has been sent to [_1].'
	,$data{'email'})
	.'</p>';
} else {	} else {
$msg .= &mt('An error occurred when sending e-mail to [_1] confirming setting of your new password.',$data{'email'});	$msg .=
	'<p class="LC_error">'
	.&mt('An error occurred when sending e-mail to [_1]'
	.' confirming setting of your new password.'
	,$data{'email'})
	.'</p>';
}	}
$msg .= '<br /><br />'	$msg .= '<br />'
.'<a href="/adm/login">'.&mt('Go to the login page').'</a>.';	.'<a href="/adm/login">'.&mt('Go to the login page').'</a>.';
} elsif ($change_failed eq 'invalid_client') {	} elsif ($change_failed eq 'invalid_client') {
my $homeserver = &Apache::lonnet::homeserver($data{'username'},$data{'domain'});	my $homeserver = &Apache::lonnet::homeserver($data{'username'},$data{'domain'});
Line 308 sub reset_passwd {	Line 359 sub reset_passwd {
$opentag = '<a href="'.$url.'">';	$opentag = '<a href="'.$url.'">';
$closetag = '</a>';	$closetag = '</a>';
}	}
$msg .= &mt('A problem occurred when attempting to reset the password for your account. Please try again from your [_1]home server[_2].',$opentag,$closetag);	$msg .=
	'<p class="LC_warning">'
	.&mt('A problem occurred when attempting to reset'
	.' the password for your account.'
	.' Please try again from your [_1]home server[_2].'
	,$opentag,$closetag)
	.'</p>';
}	}
} else {	} else {
$msg .= &generic_failure_msg($contact_name,$contact_email);	$msg .= &generic_failure_msg($contact_name,$contact_email);
Line 319 sub reset_passwd {	Line 376 sub reset_passwd {
&Apache::lonpreferences::passwordchanger($r,'','reset_by_email',$token);	&Apache::lonpreferences::passwordchanger($r,'','reset_by_email',$token);
}	}
} else {	} else {
$msg = &mt('Sorry, the token generated when you requested a password reset has expired. Please submit a [_1]new request[_2], and follow the link to the web page included in the new e-mail that will be sent to you, to allow you to enter a new password.'	$msg =
,'<a href="/adm/resetpw">','</a>');	'<p class="LC_warning">'
	.&mt('Sorry, the token generated when you requested a password reset has expired. Please submit a [_1]new request[_2], and follow the link to the web page included in the new e-mail that will be sent to you, to allow you to enter a new password.'
	,'<a href="/adm/resetpw">','</a>')
	.'</p>';
}	}
} else {	} else {
$msg .= &mt('Sorry, the URL generated when you requested reset of your password contained incomplete information. Please submit a [_1]new request[_2] for a password reset, and use the new URL that will be sent to your e-mail account to complete the process.'	$msg .=
,'<a href="/adm/resetpw">','</a>');	'<p class="LC_warning">'
	.&mt('Sorry, the URL generated when you requested reset of your password contained incomplete information. Please submit a [_1]new request[_2] for a password reset, and use the new URL that will be sent to your e-mail account to complete the process.'
	,'<a href="/adm/resetpw">','</a>')
	.'</p>';
}	}
return $msg;	return $msg;
}	}

sub generic_failure_msg {	sub generic_failure_msg {
my ($contact_name,$contact_email) = @_;	my ($contact_name,$contact_email) = @_;
return &mt('A problem occurred when attempting to reset the password for your account. Please contact the [_1] - ([_2]) for assistance.',	return
$contact_name,'<a href="mailto:'.$contact_email.'">'.$contact_email.'</a>');	'<p class="LC_warning">'
	.&mt('A problem occurred when attempting to reset the password for your account.'
	.' Please contact the [_1] - ([_2]) for assistance.',
	$contact_name,'<a href="mailto:'.$contact_email.'">'.$contact_email.'</a>')
	.'</p>';
}	}

sub create_passwd {	sub create_passwd {

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.21
changed lines
	Added in v.1.28